bug 1010: Minor clean-ups
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21
loadem("account");

// Page selectors and record ids arrive as request parameters. Each one is
// forced to an integer and defaults to 0 when the parameter is absent.
$id    = array_key_exists("id", $_REQUEST)    ? intval($_REQUEST['id'])    : 0;
$oldid = array_key_exists("oldid", $_REQUEST) ? intval($_REQUEST['oldid']) : 0;
$cert  = array_key_exists('cert', $_REQUEST)  ? intval($_REQUEST['cert'])  : 0;
$orgid = array_key_exists('orgid', $_REQUEST) ? intval($_REQUEST['orgid']) : 0;
$memid = array_key_exists('memid', $_REQUEST) ? intval($_REQUEST['memid']) : 0;
$domid = array_key_exists('domid', $_REQUEST) ? intval($_REQUEST['domid']) : 0;

// The process parameter is kept exactly as submitted (empty string when absent).
$process = array_key_exists("process", $_REQUEST) ? $_REQUEST['process'] : "";

// Nothing below runs unless the session's 'mconn' entry holds a true value.
if(!$_SESSION['mconn'])
{
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// A process value equal to the localized "Cancel" label is treated as if no
// process value had been sent at all.
if($process == _("Cancel"))
	$process = "";

// Page ids 45 and 46, whether given as current or as previous page, are sent
// to page 1 with the previous page cleared.
$remapped = array(45, 46);
if(in_array($id, $remapped, true) || in_array($oldid, $remapped, true))
{
	$id = 1;
	$oldid = 0;
}
52
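if($process != "" && $oldid == 1)
{
	// "Add email address" handler: validates the submitted address, stores it
	// with a fresh verification hash and mails the verification link to it.
	$id = 1;
	csrf_check('addemail');

	// A missing or non-string parameter is treated as an empty address, so the
	// string functions below never see an array.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// stripslashes() presumably undoes magic-quotes escaping - confirm against
	// the server configuration. The result is escaped for use in SQL strings.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;

	// The address must not be active in any account. A failed query is treated
	// as an outage instead of "no duplicate found", so the check fails closed.
	$query = "select * from `email` where `email`='".$email."' and `deleted`=0";
	$res = mysql_query($query);
	if($res === false)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Several CAcert Services are currently unavailable. Please try again later.");
		showfooter();
		exit;
	}
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably comes from the remote mail server, so it
		// is HTML-escaped before it is shown.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	if(mysql_query($query) === false)
	{
		// Without a stored row the verification link would point at nothing.
		showheader(_("My CAcert.org Account!"));
		echo _("Several CAcert Services are currently unavailable. Please try again later.");
		showfooter();
		exit;
	}
	$emailid = mysql_insert_id();

	// NOTE(review): the link carries the verification hash over plain http;
	// confirm whether the verification host can be addressed with https.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
	showfooter();
	exit;
}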
112
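if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	// Makes one of the member's verified addresses the default address of the
	// account and notifies the previous default address about the change.
	// NOTE(review): unlike the removal handler for the same page, this branch
	// does not call csrf_check(); confirm which token name the form carries
	// and add the check.
	$id = 2;
	$profileid = intval($_SESSION['profile']['id']);
	$emailid = array_key_exists('emailid', $_REQUEST) ? intval($_REQUEST['emailid']) : 0;

	// Only an address that belongs to this member, has an empty hash and is
	// not deleted is accepted.
	$query = "select * from `email` where `id`='$emailid' and `memid`='$profileid' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if($res === false || mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The address read back from the database is plain text again and has to
	// be escaped before it goes into another statement. The database is
	// updated first so the session never claims a change that was not stored.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='$profileid'";
	if(mysql_query($query) === false)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Several CAcert Services are currently unavailable. Please try again later.");
		showfooter();
		exit;
	}

	// The notice goes to the previous default address, which is still the one
	// held in the session at this point.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}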
144
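if($process != "" && $oldid == 2)
{
	// Removes the selected email addresses from the account and flags the
	// still-valid client certificates linked to them for revocation. The
	// default address of the account is never removed.
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	$profileid = intval($_SESSION['profile']['id']);
	// The session value is plain text, so it is escaped before use in SQL.
	$defaultaddr = mysql_real_escape_string($_SESSION['profile']['email']);

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// The row must belong to the logged-in member.
			$query = "select * from `email` where `id`='$id' and `memid`='$profileid' and
					`email`!='$defaultaddr'";
			$res = mysql_query($query);
			if($res === false || mysql_num_rows($res) <= 0)
				continue;

			// The heading is printed once, directly before the first address
			// that really is removed.
			if(0 == $delcount)
				echo _('The following email addresses have been removed:')."<br>\n";

			$row = mysql_fetch_assoc($res);
			echo sanitizeHTML($row['email'])."<br>\n";

			$query = "select `emailcerts`.`id`
					from `emaillink`,`emailcerts` where
					`emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and
					`revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0
					group by `emailcerts`.`id`";
			$dres = mysql_query($query);
			if($dres !== false)
			{
				// NOTE(review): the fixed 1970 timestamp looks like a marker
				// that another component picks up to do the actual revocation
				// - confirm against the signer.
				while($drow = mysql_fetch_assoc($dres))
					mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'");
			}

			$query = "update `email` set `deleted`=NOW() where `id`='$id'";
			mysql_query($query);
			$delcount++;
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You failed to select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}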
193
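if($process != "" && $oldid == 3)
{
	// Stores the options chosen on the client-certificate form in the session.
	// Every option that depends on the member's points or code-signing flag is
	// decided here from the session profile, not from the request alone.
	$reqsso = "";
	if(array_key_exists('SSO', $_REQUEST) && is_scalar($_REQUEST['SSO']))
		$reqsso = $_REQUEST['SSO'];
	$hasaddid = array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid']);

	if(!$hasaddid && $reqsso != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($reqsso);

	// The following step only iterates this value when it is an array.
	$_SESSION['_config']['addid'] = array_key_exists('addid', $_REQUEST) ? $_REQUEST['addid'] : array();

	// The name option is reset first, so a value left in the session by an
	// earlier request cannot be used by an account below 50 points.
	$_SESSION['_config']['incname'] = 0;
	if($_SESSION['profile']['points'] >= 50 && array_key_exists('incname', $_REQUEST))
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

	// Code signing needs both 100 points and a positive code-signing flag.
	// Both conditions are evaluated together in one place.
	$maycodesign = $_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0;
	$wantcodesign = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1;
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && !$maycodesign)
	{
		$_REQUEST['codesign'] = 0;
	}
	if($wantcodesign && $maycodesign)
	{
		// A code-signing request always carries one of the four name formats.
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
		$_SESSION['_config']['codesign'] = 1;
	}
	else
	{
		$_SESSION['_config']['codesign'] = 0;
	}

	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root certificate 1 is the default; from 50 points on the request may
	// choose 1 or 2, anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert', $_REQUEST))
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	// Without a pasted CSR the key-generation page (4) is shown next; with one
	// the request continues as an "MS" type request in the oldid == 4 step.
	$csr = "";
	$reqoptcsr = "";
	if(array_key_exists('optionalCSR', $_REQUEST) && is_string($_REQUEST['optionalCSR']))
		$reqoptcsr = $_REQUEST['optionalCSR'];
	if(trim($reqoptcsr) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($reqoptcsr);
	}

	// The description is stored already escaped for SQL; the statements that
	// insert it later rely on that.
	$reqdescription = "";
	if(array_key_exists('description', $_REQUEST) && is_string($_REQUEST['description']))
		$reqdescription = $_REQUEST['description'];
	if(trim($reqdescription) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($reqdescription)));
	}else{
		$_SESSION['_config']['description']= "";
	}
}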
250
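if($oldid == 4)
{
	// Creates a client-certificate request from either a browser-generated
	// SPKAC (key type "NS") or a PKCS#10 CSR (key types "MS" and "VI"), stores
	// it for the signer and waits for the result.
	$linebreaks = array("\r", "\n");
	$ownerid = intval($_SESSION['profile']['id']);

	$reqkeytype = "";
	if(array_key_exists('keytype', $_REQUEST) && is_string($_REQUEST['keytype']))
		$reqkeytype = $_REQUEST['keytype'];

	// Any other key type has no request to process; stop here instead of
	// continuing with an undefined request id.
	if($reqkeytype != "NS" && $reqkeytype != "MS" && $reqkeytype != "VI")
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	// Name parts come from the member's own record. Line breaks are removed
	// because the SPKAC request file below is line oriented: a line break
	// inside a value would start a new field.
	$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$ownerid'"));
	if(strlen($user['mname']) == 1)
		$user['mname'] .= '.';
	$namepart = array();
	foreach(array('fname', 'mname', 'lname', 'suffix', 'uniqueID') as $field)
		$namepart[$field] = str_replace($linebreaks, "", $user[$field]);

	// Name format chosen in the previous step; anything outside 1..4 yields
	// the generic name.
	$incnamesel = 0;
	if(array_key_exists('incname', $_SESSION['_config']))
		$incnamesel = $_SESSION['_config']['incname'];
	$certname = "CAcert WoT User";
	if($incnamesel == 1)
		$certname = $namepart['fname']." ".$namepart['lname'];
	elseif($incnamesel == 2)
		$certname = $namepart['fname']." ".$namepart['mname']." ".$namepart['lname'];
	elseif($incnamesel == 3)
		$certname = $namepart['fname']." ".$namepart['lname']." ".$namepart['suffix'];
	elseif($incnamesel == 4)
		$certname = $namepart['fname']." ".$namepart['mname']." ".$namepart['lname']." ".$namepart['suffix'];

	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if($reqkeytype == "NS")
	{
		// Only base64 characters are accepted; line breaks are dropped first.
		$spkac = "";
		if(array_key_exists('SPKAC',$_REQUEST) && is_string($_REQUEST['SPKAC']))
		{
			$spkacraw = trim(str_replace($linebreaks, "", $_REQUEST['SPKAC']));
			if(preg_match("/^[a-zA-Z0-9+=\/]+$/", $spkacraw))
				$spkac = $spkacraw;
		}

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}

		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same conditions as the make-default check in this file: the
				// address must belong to the member, have an empty hash (the
				// file's error text ties that to "verified") and not be deleted.
				$res = mysql_query("select * from `email` where `memid`='$ownerid' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if($res !== false && mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".str_replace($linebreaks, "", $row['email'])."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$namepart['uniqueID']."\n";

		$emails .= "commonName = ".$certname."\n";
		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// The address was read back from the database as plain text and is
		// escaped again for this statement. The description was escaped when
		// it was stored in the session.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='$ownerid',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		foreach($addys as $addy)
			mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The challenge printed by openssl must be exactly the one held in the
		// session. An empty session challenge never matches, and the value is
		// compared to the end of the output line, not as a prefix.
		// NOTE(review): assumes the key-generation form always sets
		// $_SESSION['spkac_hash'] - confirm.
		$challenge = "";
		if(array_key_exists('spkac_hash', $_SESSION) && is_scalar($_SESSION['spkac_hash']))
			$challenge = (string)$_SESSION['spkac_hash'];
		$res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
		$challengeok = $challenge != ""
			&& preg_match('/Challenge String: '.preg_quote($challenge, '/').'\s*$/m', (string)$res);
		if(!$challengeok)
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		// The file name is recorded only after the challenge has matched.
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else {
		// Key types "MS" and "VI": a PKCS#10 request, either pasted in the
		// previous step ($csr) or sent in the CSR parameter.
		if(!isset($csr) || $csr == "")
		{
			$reqcsr = "";
			if(array_key_exists('CSR', $_REQUEST) && is_string($_REQUEST['CSR']))
				$reqcsr = $_REQUEST['CSR'];
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($reqcsr)."\n-----END CERTIFICATE REQUEST-----\n";
		}

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		// The subject is built from the member's record and verified
		// addresses, never from the subject inside the submitted CSR.
		$csrsubject = "/CN=".$certname;

		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same ownership and verification conditions as for "NS".
				$res = mysql_query("select * from `email` where `memid`='$ownerid' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if($res !== false && mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = intval($row['id']);
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$namepart['uniqueID'];

		// openssl re-encodes the request; a request it cannot parse leaves
		// the output empty. Both paths are passed as quoted shell arguments.
		$tmpname = tempnam("/tmp", "id4csr");
		shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
		@unlink($tmpfname);
		$csr = (string)@file_get_contents($tmpname);
		@unlink($tmpname);

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// $reqkeytype can only be "MS" or "VI" in this branch.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".$reqkeytype."',
				`memid`='$ownerid',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		foreach($addys as $addy)
			mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}

	// The certificate exists once the row has a non-empty crt_name.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if($res === false || mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}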
462
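if($oldid == 7)
{
	// First part of the "add domain" step: cleans the submitted name and
	// refuses it when it is already listed. It leaves two values for the
	// step that follows: $newdom (quoted for the shell) and $newdomain
	// (escaped for SQL).
	// NOTE(review): nothing here checks that the value is a syntactically
	// valid host name; consider validating it before it is used further.
	csrf_check("adddomain");

	// A missing or non-string parameter is treated as an empty name.
	$rawdomain = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$rawdomain = $_REQUEST['newdomain'];

	if(strstr($rawdomain,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $rawdomain, 2); // Ignore the rest
	// Surrounding whitespace and leading dashes are removed in one pass, so
	// the shell value and the database value are the same name and neither
	// can begin with a dash (presumably so it is never read as an option).
	$newdomain = rtrim(ltrim($newdomain, "- \t\n\r\0\x0B"));
	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The name must not be listed as an organisation domain or as an active
	// personal domain. A failed query counts as an outage, not as "not
	// listed", so the check fails closed.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if($res1 === false || $res2 === false)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Several CAcert Services are currently unavailable. Please try again later.");
		showfooter();
		exit;
	}
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}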
501
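if($oldid == 7)
{
	// Second part of the "add domain" step: collects the addresses that may
	// receive the verification mail and stores them in the session for
	// page 8. $newdom (already quoted with escapeshellarg) and $newdomain
	// (already escaped for SQL) are set by the preceding step.
	// NOTE(review): the addresses taken from whois are text supplied by a
	// remote server and are accepted as proof-of-control targets; confirm
	// this is the intended trust decision.
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom ends with the closing quote added by escapeshellarg(), so the
	// three characters before it are compared. No whois lookup is made for
	// names ending in ".jp".
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));

	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// Here the address is taken from the text after the first colon.
		foreach($adds as $line)
		{
			$bits = explode(":", $line, 2);
			if(count($bits) < 2)
				continue; // a line without a colon carries no address
			$line = trim($bits[1]);
			if(!in_array($line, $addy, true) && $line != "")
				$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
		}
	} else {
		// Otherwise the last whitespace-separated word containing "@" is
		// used; a line without such a word is kept whole.
		foreach($adds as $line)
		{
			$line = trim(str_replace("\t", " ", $line));
			$line = trim(str_replace("(", "", $line));
			$line = trim(str_replace(")", " ", $line));
			$line = trim(str_replace(":", " ", $line));

			$bits = explode(" ", $line);
			foreach($bits as $bit)
			{
				if(strstr($bit, "@"))
					$line = $bit;
			}
			if(!in_array($line, $addy, true) && $line != "")
				$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
		}
	}

	// The five standard role addresses of the domain are always offered.
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy, true))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain is already SQL-escaped at this point and the
	// statements that read this session value escape it again; a name that
	// contains characters needing escaping would be stored in altered form.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}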
547
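if($process != "" && $oldid == 8)
{
	// Final part of adding a domain: the member picks one of the addresses
	// offered by the previous step; the domain is stored with a fresh hash and
	// the verification link is mailed to that address.
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$reqauthaddy = "";
	if(array_key_exists('authaddy', $_REQUEST) && is_string($_REQUEST['authaddy']))
		$reqauthaddy = $_REQUEST['authaddy'];
	$authaddy = trim(mysql_real_escape_string(stripslashes($reqauthaddy)));

	// Only an address from the list kept in the session is accepted. The
	// comparison is strict, so two different strings never count as equal.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy'])
		|| !in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// The domain may have been claimed since the previous step. A failed
	// query counts as an outage, not as "not claimed".
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if($res === false)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Several CAcert Services are currently unavailable. Please try again later.");
		showfooter();
		exit;
	}
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably comes from the remote mail server, so it
		// is HTML-escaped before it is shown.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	if(mysql_query($query) === false)
	{
		// Without a stored row the verification link would point at nothing.
		showheader(_("My CAcert.org Account!"));
		echo _("Several CAcert Services are currently unavailable. Please try again later.");
		showfooter();
		exit;
	}
	$domainid = mysql_insert_id();

	// NOTE(review): the link carries the verification hash over plain http;
	// confirm whether the verification host can be addressed with https.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// HTML-escaped like the other place in this handler that prints the name.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}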
614
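if($process != "" && $oldid == 9)
{
	// Removes the selected domains from the account and flags every unrevoked,
	// unexpired server certificate attached to them for revocation.
	// NOTE(review): unlike the email removal handler, this branch does not
	// call csrf_check(); confirm which token name the form carries and add
	// the check.
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	$profileid = intval($_SESSION['profile']['id']);
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// The row must belong to the logged-in member.
			$query = "select * from `domains` where `id`='$id' and `memid`='$profileid'";
			$res = mysql_query($query);
			if($res === false || mysql_num_rows($res) <= 0)
				continue;

			$row = mysql_fetch_assoc($res);
			// The stored name is HTML-escaped before it is printed.
			echo sanitizeHTML($row['domain'])."<br>\n";

			// Certificates issued for the domain directly, plus those that
			// only reference it through a domlink row.
			$dres = mysql_query(
				"select `domaincerts`.`id`
					from `domaincerts`
					where `domaincerts`.`domid` = '$id'
				union distinct
				select `domaincerts`.`id`
					from `domaincerts`, `domlink`
					where `domaincerts`.`id` = `domlink`.`certid`
					and `domlink`.`domid` = '$id'");
			if($dres !== false)
			{
				// NOTE(review): the fixed 1970 timestamp looks like a marker
				// that another component picks up to do the actual revocation
				// - confirm against the signer.
				while($drow = mysql_fetch_assoc($dres))
				{
					mysql_query(
						"update `domaincerts`
							set `revoked`='1970-01-01 10:00:01'
							where `id` = '".intval($drow['id'])."'
							and `revoked` = 0
							and UNIX_TIMESTAMP(`expire`) -
									UNIX_TIMESTAMP() > 0");
				}
			}

			mysql_query(
				"update `domains`
					set `deleted`=NOW()
					where `id` = '$id'");
		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}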
669
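if($process != "" && $oldid == 10)
{
	// Receives a server-certificate CSR, refuses weak keys, keeps the CSR in a
	// temporary file and stores the subject and DNS alternative names read
	// from it in the session for the confirmation page (11).
	// NOTE(review): this branch does not call csrf_check(); confirm whether
	// the form carries a token.
	$reqcsr = "";
	if(array_key_exists('CSR', $_REQUEST) && is_string($_REQUEST['CSR']))
		$reqcsr = $_REQUEST['CSR'];
	$CSR = clean_csr($reqcsr);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is stored already escaped for SQL; the insert statement
	// on the following page relies on that.
	$reqdescription = "";
	if(array_key_exists('description', $_REQUEST) && is_string($_REQUEST['description']))
		$reqdescription = $_REQUEST['description'];
	if(trim($reqdescription) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($reqdescription)));
	}else{
		$_SESSION['_config']['description']= "";
	}

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	$CSR = $_SESSION['_config']['tmpfname'];

	// The path is passed to the shell as one quoted argument. The values read
	// from the openssl text output originate from the submitted CSR and are
	// untrusted at this point.
	$csrarg = escapeshellarg($CSR);
	$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in ".$csrarg."|tr -d \"\\0\"|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in ".$csrarg."|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; the check below
	// shows that they fill the '0.CN' and '0.subjectAltName' session entries.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root certificate 1 is the default; from 50 points on the request may
	// choose 1 or 2, anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50 && array_key_exists('rootcert', $_REQUEST))
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}
}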
727
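if($process != "" && $oldid == 11)
{
	// Confirms the server-certificate request prepared on page 10: builds the
	// subject from the names kept in the session, stores the request, hands
	// the CSR file to the signer and waits for the result.
	// NOTE(review): this branch does not call csrf_check(); confirm whether
	// the form carries a token.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again on the stored file.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = "";
	$count = 0;
	// Alternative names are left out for one hard-coded account id; the
	// reason is not visible in this file.
	$supressSAN=0;
	if($_SESSION["profile"]["id"] == 104074) $supressSAN=1;

	// The first entry of 'rows' becomes the CN; every entry is also added as
	// a DNS and as an otherName alternative name.
	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
		{
			$count++;
			if($count <= 1)
				$subject .= "/CN=$row";
			if(!$supressSAN)
			{
				$subject .= "/subjectAltName=DNS:$row";
				$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
			}
		}
	// Only entries of 'altrows' that start with "DNS:" are used.
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $row)
		{
			if(substr($row, 0, 4) == "DNS:")
			{
				$row = substr($row, 4);
				if(!$supressSAN)
				{
					$subject .= "/subjectAltName=DNS:$row";
					$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
				}
			}
		}
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// A request is stored only when a positive domain id is recorded for the
	// CN or for the first alternative name; otherwise it is refused.
	// NOTE(review): presumably getcn()/getalt() set those ids only for
	// domains the member has verified - confirm.
	$rowids = is_array($_SESSION['_config']['rowid']) ? $_SESSION['_config']['rowid'] : array();
	$altids = is_array($_SESSION['_config']['altid']) ? $_SESSION['_config']['altid'] : array();
	if(array_key_exists('0',$rowids) && $rowids['0'] > 0)
	{
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
					`domid`='".mysql_real_escape_string($rowids['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
					`description`='".$_SESSION['_config']['description']."'";
	} elseif(array_key_exists('0',$altids) && $altids['0'] > 0) {
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
					`domid`='".mysql_real_escape_string($altids['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
					`description`='".$_SESSION['_config']['description']."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// The domain ids are escaped here in the same way as in the insert above.
	foreach($rowids as $dom)
		mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
	foreach($altids as $dom)
		mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");

	// The CSR file name is recorded only when the file really was moved into
	// place, so the row never points at a file that does not exist.
	$CSRname=generatecertpath("csr","server",$CSRid);
	if(!rename($_SESSION['_config']['tmpfname'], $CSRname))
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// The certificate exists once the row has a non-empty crt_name.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if($res === false || mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}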
841
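if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renewal of the server certificates selected on the oldid 12 form.
	// For every selected id: confirm the certificate belongs to a domain of the
	// logged-in member, refuse weak keys, clone the `domaincerts` row, copy the
	// stored CSR to a new path, rebuild the subject from that CSR, call
	// waitForResult() and print the certificate once the row has a `crt_name`.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// array_key_exists() first: a request without `revokeid` must reach the
	// "nothing selected" branch instead of raising an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// intval() makes the id safe for the SQL below and for the HTML echo.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the join only matches certificates whose domain
			// is registered to the member id held in the session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A certificate with a weak key is not renewed; the helper returns a
			// non-empty message in that case.
			$weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']));
			if($weakKey !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are not safe to splice into SQL
			// (a stored description may contain a quote), so every copied column
			// is escaped again before it is re-inserted.
			// `csr_name` is deliberately not copied here (the original marks that
			// as a race condition); it is set once the CSR file has been copied.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// File names handed to the shell are quoted with escapeshellarg()
			// rather than interpolated into the command line.
			$csrarg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $csrarg|tr -d \"\\0\"|grep \"Subject:\""));
			$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $csrarg|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// Project helpers; presumably they fill the `0.CN`, `rows` and `altrows`
			// session entries read below — confirm against their definitions.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: the first entry of `rows` becomes the CN, every
			// further name is added as subjectAltName unless it is already present.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $name)
				{
					$count++;
					if($count <= 1)
						$subject .= "/CN=$name";
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $name)
					if(!strstr($subject, "=$name/") &&
						substr($subject, -strlen("=$name")) != "=$name")
						$subject .= "/subjectAltName=$name";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is taken as "certificate issued".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}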
954
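if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Revocation of issued server certificates (`revokeid[]`) and deletion of
	// still-pending requests (`delid[]`) submitted from the oldid 12 form.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Key check before is_array(): a request without `revokeid` is a normal
	// "nothing selected" case, not an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only certificates on a domain of the logged-in
			// member are matched.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data printed into HTML, so it is passed through
			// sanitizeHTML() like the CN echoed by the renewal handler.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Fixed marker timestamp; presumably a backend job picks these rows up
			// and performs the actual revocation — confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row that already has an expiry date is treated as processed and
			// is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort cleanup of the request files; failures are ignored.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}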
1022
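if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// Updates the free-text description of server certificates. Each request
	// field named `check_comment_<id>` selects certificate <id>; the new text
	// is read from `comment_<id>`.
	// NOTE(review): the renew and revoke handlers for oldid 12 call
	// csrf_check('srvcerchange'), this handler does not — confirm that the form
	// carries the same token and add the check here.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// stripslashes() presumably undoes magic_quotes_gpc before the value
			// is escaped for SQL — confirm against the PHP configuration.
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// The certificate id is taken from a request field name, so the update
			// is restricted to certificates on a domain owned by the logged-in
			// member. Without the join any member could overwrite the description
			// of any certificate by guessing its id.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}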
1039
1040
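if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// Renewal of the client certificates selected on the oldid 5 form.
	// For every selected id: confirm the certificate belongs to the logged-in
	// member, refuse weak keys, clone the `emailcerts` row and its `emaillink`
	// rows, copy the stored CSR and call waitForResult() for the new row.
	// NOTE(review): the oldid 12 handlers call csrf_check(); this state-changing
	// handler does not — confirm whether the form carries a token.
	showheader(_("My CAcert.org Account!"));
	// Key check before is_array() so a request without `revokeid` reaches the
	// "nothing selected" branch without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must carry the member id from the session.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// The helper returns a non-empty message for a weak key; such a
			// certificate is not renewed.
			$weakKey = checkWeakKeyX509(file_get_contents($row['crt_name']));
			if($weakKey !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Values read back from the database are escaped again before being
			// re-inserted: a stored description or CN may contain a quote, which
			// would otherwise break out of the SQL string.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the e-mail address links of the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".mysql_real_escape_string($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is taken as "certificate issued".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// Stored CN printed into HTML, hence sanitizeHTML().
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}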
1113
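if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// Revocation of issued client certificates (`revokeid[]`) and deletion of
	// still-pending requests (`delid[]`) submitted from the oldid 5 form.
	// NOTE(review): the matching oldid 12 handler calls csrf_check(); this
	// state-changing handler does not — confirm whether the form carries a token.
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must carry the member id from the session.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// The CN is stored data printed into HTML, so it goes through
			// sanitizeHTML() like the CN echoed by the server renewal handler.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// Fixed marker timestamp; presumably a backend job picks these rows up
			// and performs the actual revocation — confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row that already has an expiry date is treated as processed and
			// is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort cleanup of the request files; failures are ignored.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}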
1176
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// Applies the per-certificate settings of the oldid 5 form to the member's
	// client certificates: the login flag for every `cert_<id>` field and the
	// description for every ticked `check_comment_<id>` field. Both updates are
	// limited to rows carrying the member id from the session.
	// NOTE(review): no csrf_check() is made before these updates — confirm
	// whether the form carries a token.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(strncmp($id, "cert_", 5) == 0)
		{
			$cid = intval(substr($id,5));
			// A submitted `disablelogin_<id>` of "1" stores '0'; anything else,
			// including an absent field, stores '1'.
			// NOTE(review): the oldid 6 handler maps "1" to 1 — confirm the two
			// forms really use opposite meanings for this field.
			$flagname = 'disablelogin_'.$cid;
			if(array_key_exists($flagname,$_REQUEST) && $_REQUEST[$flagname]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
		if(strncmp($id, "check_comment_", 14) == 0)
		{
			$cid = intval(substr($id,14));
			// Only a non-empty marker counts as "change this description".
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;
			$comment = stripslashes($_REQUEST['comment_'.$cid]);
			$comment = trim(mysql_real_escape_string($comment));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1201
1202
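if($oldid == 6 && array_key_exists('certid',$_REQUEST) && $_REQUEST['certid'] != "")
{
	// Stores the description and the login flag for one client certificate of
	// the logged-in member, as submitted from the oldid 6 form.
	// NOTE(review): no csrf_check() is made before this update — confirm
	// whether the form carries a token.
	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$description= "";
	}

	if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1"){
		$disablelogin = 1;
	}else{
		$disablelogin = 0;
	}

	// `certid` arrives straight from the request. It is forced to an integer
	// before it reaches the query; concatenating it unchanged allowed SQL
	// injection through the `id` comparison. The `memid` condition keeps the
	// update on certificates of the logged-in member.
	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".$_SESSION['profile']['id']."'");

}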
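if($oldid == 13 && $process != "")
{
	// First stage of the personal-details form (oldid 13): copy the profile into
	// the working area of the session and validate the five lost-password
	// questions and answers. On failure the form is shown again by setting
	// $id back to the form and clearing $oldid, which also disables the later
	// oldid 13 stages.
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// The values are stored SQL-escaped because the update stage concatenates
	// them into its query without further escaping.
	$qafields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qafields as $qafield)
	{
		$qaraw = array_key_exists($qafield,$_REQUEST) ? $_REQUEST[$qafield] : "";
		$_SESSION['_config']['user'][$qafield] = trim(mysql_real_escape_string(stripslashes(strip_tags($qaraw))));
	}

	// All ten values must differ from each other. The earlier hand-written list
	// of comparisons missed several answer/question pairs (for example A2
	// against Q2), so a question could still be reused as its own answer.
	$qaduplicate = false;
	$qatotal = count($qafields);
	for($qai = 0; $qai < $qatotal; $qai++)
		for($qaj = $qai + 1; $qaj < $qatotal; $qaj++)
			if($_SESSION['_config']['user'][$qafields[$qai]] == $_SESSION['_config']['user'][$qafields[$qaj]])
				$qaduplicate = true;

	$qainvalid = false;
	if($qaduplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qainvalid = true;
	}

	// NOTE(review): only the questions are checked for being empty; a single
	// empty answer still passes — confirm whether that is intended.
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qainvalid = true;
	}

	// Redirect back to the form exactly once. Doing it in each failing branch
	// set $id to 0 when both checks failed, because $oldid had already been
	// cleared by the first branch.
	if($qainvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
}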
1282
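if($oldid == 13 && $process != "")
{
	// Second stage of the personal-details form: refresh the member's points
	// total and, while that total is 0, accept and validate a changed name and
	// date of birth. With any points the name and date fields are ignored.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// Stored SQL-escaped: the update stage concatenates these values into
		// its query without further escaping.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$detailsinvalid = false;
		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$detailsinvalid = true;
		}
		// checkdate() also rejects dates such as 30 February, which the plain
		// 1..12 / 1..31 range test let through to the `dob` column.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$detailsinvalid = true;
		}
		// Redirect back to the form exactly once. Doing it in each failing
		// branch set $id to 0 when both checks failed, because $oldid had
		// already been cleared by the first branch.
		if($detailsinvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}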
1315
if($oldid == 13 && $process != "")
{
	// Final stage of the personal-details form: write the validated values to
	// `users`, reload the profile into the session and show the confirmation.
	// The values in $_SESSION['_config']['user'] are concatenated into the SQL
	// as they are; they were escaped when the earlier stages stored them.
	$pending = $_SESSION['_config']['user'];
	$whereself = "where `id`='".$_SESSION['profile']['id']."'";

	// Name and date of birth are only written while the member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		$dob = $pending['year']."-".$pending['month']."-".$pending['day'];
		$query = "update `users` set `fname`='".$pending['fname']."',
				`mname`='".$pending['mname']."',
				`lname`='".$pending['lname']."',
				`suffix`='".$pending['suffix']."',
				`dob`='".$dob."'
				".$whereself;
		mysql_query($query);
	}

	// Lost-password questions and answers.
	$assignments = array();
	foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $column)
		$assignments[] = "`".$column."`='".$pending[$column]."'";
	$query = "update `users` set ".implode(",\n", $assignments)."\n".$whereself;
	mysql_query($query);

	//!!!Should be rewritten
	// NOTE(review): `otphash` and `otppin` are written to `users` exactly as
	// submitted (after escaping) — confirm what the consumer expects here.
	foreach(array('otphash','otppin') as $otpfield)
		$_SESSION['_config']['user'][$otpfield] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpfield]))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' ".$whereself;
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile from the database so the session reflects the stored
	// values, then restore the flags that are not columns of the row.
	$reloaded = mysql_query("select * from `users` ".$whereself);
	$_SESSION['profile'] = mysql_fetch_assoc($reloaded);
	$_SESSION['profile']['loggedin'] = 1;

	// The id is read again from the reloaded profile, as the points query did before.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1367
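if($oldid == 14 && $process != "")
{
	// Pass-phrase change (oldid 14): validate the new pass phrase, verify the
	// current one where required, store the new hash and notify the member's
	// primary e-mail address.
	// The CSRF check now runs before the submitted pass phrases are copied into
	// the session, so a rejected request leaves nothing behind.
	$id = 14;
	csrf_check("pwchange");

	// NOTE(review): the pass phrases stay in $_SESSION['_config']['user'] after
	// this block exits — confirm nothing reads them later and unset them.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	// Length is measured on the pass phrase as typed. The SQL-escaped copy is
	// longer whenever the pass phrase contains quotes or backslashes, which let
	// pass phrases shorter than the minimum through.
	$plainlength = strlen(trim(stripslashes($_REQUEST['pword1'])));

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		// NOTE(review): checkpw() still receives the SQL-escaped pass phrase;
		// its implementation is not visible here, so the argument is left as is.
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// The current pass phrase is only verified when the request did not
		// arrive on the secure hostname.
		// NOTE(review): on the secure hostname the old pass phrase is never
		// checked — confirm that this host always implies a stronger login.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if($plainlength < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1 computed
			// by the database. Moving to a salted password hash needs a matching
			// change in the login code, which is outside this block.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}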
1427
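if($oldid == 16)
{
	// First stage of the organisation client-certificate form (oldid 16):
	// keep the submitted e-mail addresses whose domain passes checkownership()
	// and store the certificate name, OU and description in the session.
	$id = 16;
	$_SESSION['_config']['emails'] = array();
	// NOTE(review): `domids` is appended to below but never reset here, unlike
	// `emails` — confirm it is cleared elsewhere, otherwise ids from an earlier
	// submission stay in the session.

	// A missing or non-array `emails` field is treated as "no addresses".
	$submitted = array();
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		$submitted = $_REQUEST['emails'];

	foreach($submitted as $val)
	{
		// Nested arrays cannot be an address; skip them before trim() sees them.
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		// Exactly one "@" is required.
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// Presumably checkownership() leaves the matching row in
		// $_SESSION['_config']['row'] — confirm against its definition.
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	// Stored SQL-escaped; the later stage concatenates these values into its
	// insert statement without further escaping.
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim(
		array_key_exists('name',$_REQUEST) ? $_REQUEST['name'] : "")));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim(
		array_key_exists('OU',$_REQUEST) ? $_REQUEST['OU'] : "")));


	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}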
1462
// Stop the oldid 16 form when none of the submitted addresses was accepted.
if($oldid == 16 && count($_SESSION['_config']['emails']) == 0)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1471
if($oldid == 16 && $process != "")
{
	// Second stage of the oldid 16 form: settle the code-signing flag, the root
	// certificate choice and the description, then move on to page 17 when at
	// least one e-mail address was accepted.

	// Code signing needs the request flag, the profile's `codesign` flag and at
	// least 100 points; the request value is normalised to 1 or 0 either way.
	$codesignflag = (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_REQUEST['codesign'] = $codesignflag;
	$_SESSION['_config']['codesign'] = $codesignflag;

	// Only root certificate 1 or 2 is accepted; anything else falls back to 1.
	$rootchoice = intval($_REQUEST['rootcert']);
	if($rootchoice != 1 && $rootchoice != 2)
		$rootchoice = 1;
	$_SESSION['_config']['rootcert'] = $rootchoice;

	// Stored SQL-escaped for the insert statement of the next stage.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1499
1500 if($oldid == 17)
1501 {
1502 $org = $_SESSION['_config']['row'];
1503 if($_REQUEST['keytype'] == "NS")
1504 {
1505 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1506
1507 if($spkac == "" || strlen($spkac) < 128)
1508 {
1509 $id = 17;
1510 showheader(_("My CAcert.org Account!"));
1511 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1512 showfooter();
1513 exit;
1514 }
1515
1516 $count = 0;
1517 $emails = "";
1518 $addys = array();
1519 if(is_array($_SESSION['_config']['emails']))
1520 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1521 {
1522 if(!$emails)
1523 $defaultemail = $_REQUEST['email'];
1524 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1525 $count++;
1526 }
1527 if($_SESSION['_config']['name'] != "")
1528 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1529 if($_SESSION['_config']['OU'])
1530 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1531 if($org['O'])
1532 $emails .= "organizationName = ".$org['O']."\n";
1533 if($org['L'])
1534 $emails .= "localityName = ".$org['L']."\n";
1535 if($org['ST'])
1536 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1537 if($org['C'])
1538 $emails .= "countryName = ".$org['C']."\n";
1539 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1540 $_SESSION['_config']['rootcert'] = 1;
1541
1542
1543 $emails .= "SPKAC = $spkac";
1544 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1545 {
1546 $id = 17;
1547 showheader(_("My CAcert.org Account!"));
1548 echo $weakKey;
1549 showfooter();
1550 exit;
1551 }
1552
1553 $query = "insert into `orgemailcerts` set
1554 `CN`='$defaultemail',
1555 `ou`='".$_SESSION['_config']['OU']."',
1556 `keytype`='NS',
1557 `orgid`='".$org['orgid']."',
1558 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1559 `codesign`='".$_SESSION['_config']['codesign']."',
1560 `rootcert`='".$_SESSION['_config']['rootcert']."',
1561 `description`='".$_SESSION['_config']['description']."'";
1562 mysql_query($query);
1563 $emailid = mysql_insert_id();
1564
1565 foreach($_SESSION['_config']['domids'] as $addy)
1566 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1567
1568 $CSRname=generatecertpath("csr","orgclient",$emailid);
1569 $fp = fopen($CSRname, "w");
1570 fputs($fp, $emails);
1571 fclose($fp);
1572 $challenge=$_SESSION['spkac_hash'];
1573 $res=`openssl spkac -verify -in $CSRname`;
1574 if(!strstr($res,"Challenge String: ".$challenge))
1575 {
1576 $id = $oldid;
1577 showheader(_("My CAcert.org Account!"));
1578 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1579 showfooter();
1580 exit;
1581 }
1582 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1583 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1584 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1585
1586 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1587 {
1588 $id = 17;
1589 showheader(_("My CAcert.org Account!"));
1590 echo $weakKey;
1591 showfooter();
1592 exit;
1593 }
1594
1595 $tmpfname = tempnam("/tmp", "id17CSR");
1596 $fp = fopen($tmpfname, "w");
1597 fputs($fp, $csr);
1598 fclose($fp);
1599
1600 $addys = array();
1601 $defaultemail = "";
1602 $csrsubject="";
1603
1604 if($_SESSION['_config']['name'] != "")
1605 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1606 if(is_array($_SESSION['_config']['emails']))
1607 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1608 {
1609 if($defaultemail == "")
1610 $defaultemail = $_REQUEST['email'];
1611 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1612 }
1613 if($_SESSION['_config']['OU'])
1614 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1615 if($org['O'])
1616 $csrsubject .= "/organizationName=".$org['O'];
1617 if($org['L'])
1618 $csrsubject .= "/localityName=".$org['L'];
1619 if($org['ST'])
1620 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1621 if($org['C'])
1622 $csrsubject .= "/countryName=".$org['C'];
1623
1624 $tmpname = tempnam("/tmp", "id17csr");
1625 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1626 @unlink($tmpfname);
1627 $csr = "";
1628 $fp = fopen($tmpname, "r");
1629 while($data = fgets($fp, 4096))
1630 $csr .= $data;
1631 fclose($fp);
1632 @unlink($tmpname);
1633
1634 if($csr == "")
1635 {
1636 showheader(_("My CAcert.org Account!"));
1637 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1638 showfooter();
1639 exit;
1640 }
1641 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1642 $_SESSION['_config']['rootcert'] = 1;
1643
1644 $query = "insert into `orgemailcerts` set
1645 `CN`='$defaultemail',
1646 `ou`='".$_SESSION['_config']['OU']."',
1647 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1648 `orgid`='".$org['orgid']."',
1649 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1650 `subject`='$csrsubject',
1651 `codesign`='".$_SESSION['_config']['codesign']."',
1652 `rootcert`='".$_SESSION['_config']['rootcert']."',
1653 `description`='".$_SESSION['_config']['description']."'";
1654 mysql_query($query);
1655 $emailid = mysql_insert_id();
1656
1657 foreach($_SESSION['_config']['domids'] as $addy)
1658 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1659
1660 $CSRname=generatecertpath("csr","orgclient",$emailid);
1661 $fp = fopen($CSRname, "w");
1662 fputs($fp, $csr);
1663 fclose($fp);
1664 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1665 }
1666 waitForResult("orgemailcerts", $emailid,$oldid);
1667 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1668 $res = mysql_query($query);
1669 if(mysql_num_rows($res) <= 0)
1670 {
1671 showheader(_("My CAcert.org Account!"));
1672 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1673 showfooter();
1674 exit;
1675 } else {
1676 $id = 19;
1677 $cert = $emailid;
1678 $_REQUEST['cert']=$emailid;
1679 }
1680 }
1681
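// Organisation client certificates (page 18): renew the selected certificates.
// For each selected id the existing `orgemailcerts` row is copied into a new
// row, the stored CSR file is copied to the new row's path, and
// waitForResult() is called for the new row before the outcome is reported.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before the value is printed or placed in SQL. The raw
			// request value used to be echoed first, which reflected
			// request-controlled markup into the page.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";

			// The join on `org`.`memid` restricts the lookup to certificates of
			// organisations linked to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`\n".
				"where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and\n".
				"`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation
			// check below, so an already revoked certificate is still marked
			// `renewed`='1' - confirm this is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// NOTE(review): `CN` is printed as stored; confirm it cannot
				// contain markup, or escape it for HTML here.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Values read back from the database are plain text again (the
			// escaping applied when they were first stored is gone), so they
			// are escaped once more before being reused in a statement.
			$query = "insert into `orgemailcerts` set\n".
				"`orgid`='".mysql_real_escape_string($row['orgid'])."',\n".
				"`CN`='".mysql_real_escape_string($row['CN'])."',\n".
				"`ou`='".mysql_real_escape_string($row['ou'])."',\n".
				"`subject`='".mysql_real_escape_string($row['subject'])."',\n".
				"`keytype`='".mysql_real_escape_string($row['keytype'])."',\n".
				"`csr_name`='".mysql_real_escape_string($row['csr_name'])."',\n".
				"`created`='".mysql_real_escape_string($row['created'])."',\n".
				"`modified`=NOW(),\n".
				"`codesign`='".mysql_real_escape_string($row['codesign'])."',\n".
				"`rootcert`='".mysql_real_escape_string($row['rootcert'])."',\n".
				"`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new row gets its own copy of the CSR under a path derived
			// from the new id.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);

			// A non-empty `crt_name` on the new row is treated as success.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}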
1755
// Organisation client certificates (page 18): revoke the selected certificates
// and, when `delid` is submitted, delete still-pending requests. Every id is
// looked up through a join on `org`.`memid`, so only certificates of
// organisations linked to the logged-in member are touched.
if ($oldid == 18 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "") {
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));

	if (!is_array($_REQUEST['revokeid'])) {
		echo _("You did not select any certificates for revocation.");
	} else {
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach ($_REQUEST['revokeid'] as $id) {
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`\n"
				. "where `orgemailcerts`.`id`='$id' and `org`.`memid`='" . $_SESSION['profile']['id'] . "' and\n"
				. "`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if (mysql_num_rows($res) > 0) {
				$row = mysql_fetch_assoc($res);
				if ($row['revoke'] > 0) {
					// A non-zero `revoked` timestamp means nothing is left to do.
					printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				} else {
					// The row is only marked with this fixed timestamp here;
					// presumably another component performs the actual
					// revocation - verify.
					mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
					printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
				}
			} else {
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
		}
	}

	if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach ($_REQUEST['delid'] as $id) {
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`\n"
				. "where `orgemailcerts`.`id`='$id' and `org`.`memid`='" . $_SESSION['profile']['id'] . "' and\n"
				. "`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if (mysql_num_rows($res) > 0) {
				$row = mysql_fetch_assoc($res);
				if ($row['expired'] > 0) {
					// A request with an expiry date is no longer pending.
					printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				} else {
					mysql_query("delete from `orgemailcerts` where `id`='$id'");
					// Best-effort removal of the files recorded on the row.
					@unlink($row['csr_name']);
					@unlink($row['crt_name']);
					printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
				}
			} else {
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
		}
	}

	showfooter();
	exit;
}
1821
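// Organisation client certificates (page 18): store edited comments.
// Every request key of the form check_comment_<id> selects one certificate;
// the text is taken from the matching comment_<id> field.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// NOTE(review): the renew and revoke handlers for this page call
	// csrf_check('clicerchange'); this handler does not. Confirm the token is
	// submitted with the "change" action and add the same check.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));

			// The certificate id comes straight from a request key. Only
			// update rows that belong to an organisation linked to the
			// logged-in member, using the same join as the renew and revoke
			// handlers; without it any row id could be rewritten.
			$res = mysql_query("select `orgemailcerts`.`id` from `orgemailcerts`, `org` ".
				"where `orgemailcerts`.`id`='$cid' and ".
				"`org`.`memid`='".intval($_SESSION['profile']['id'])."' and ".
				"`org`.`orgid`=`orgemailcerts`.`orgid`");
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $cid);
				continue;
			}

			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}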
1838
// Page 18 list filter: keep the submitted filter settings in the session.
// NOTE(review): the three values are copied from the request as-is, while the
// reset handler stores integers under the same keys - confirm every consumer
// casts or escapes them before use.
if ($oldid == 18 && array_key_exists('filter', $_REQUEST) && $_REQUEST['filter'] != "") {
	$id = 18;
	foreach (array('orgfilterid', 'sorting', 'status') as $filterField) {
		$_SESSION['_config'][$filterField] = $_REQUEST[$filterField];
	}
	unset($filterField);
}
1846
// Page 18 list filter: put the three filter settings back to 0.
if ($oldid == 18 && array_key_exists('reset', $_REQUEST) && $_REQUEST['reset'] != "") {
	$id = 18;
	foreach (array('orgfilterid', 'sorting', 'status') as $filterField) {
		$_SESSION['_config'][$filterField] = 0;
	}
	unset($filterField);
}
1854
// Page 20 handler: accept a pasted CSR for an organisation server certificate,
// reject weak keys, store the CSR in a temporary file and collect the subject
// data the next step (page 21) works with. Results are kept in
// $_SESSION['_config'].
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	// checkWeakKeyCSR() returns a non-empty message when it objects to the key;
	// the message is shown and the request stops here.
	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is stored in the session already SQL-escaped; page 21
	// interpolates it into its insert statement.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}

	// The CSR is written to a temp file whose name is remembered in the
	// session. NOTE(review): the results of tempnam() and fopen() are not
	// checked.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the temp file path, not the CSR text. Only that
	// path is placed on the two command lines below.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	// Both entries are cleared before the helpers run. extractit(), getcn2()
	// and getalt2() are defined elsewhere; presumably they fill '0.CN' and
	// '0.subjectAltName' from the subject collected above - verify.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn2();
	getalt2();

	// Look up the organisation of the logged-in member that owns the domain
	// named in the CN, then the one named in the first subjectAltName.
	// NOTE(review): '0.CN' and '0.subjectAltName' are interpolated into SQL
	// here; they derive from the uploaded CSR, so confirm the helpers escape
	// or validate them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
`org`.`memid`='".$_SESSION['profile']['id']."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
`org`.`memid`='".$_SESSION['profile']['id']."' and
`org`.`orgid`=`orginfo`.`id` and
`org`.`orgid`=`orgdomains`.`orgid` and
`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	// Without a usable CN or subjectAltName the request cannot continue.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The requested root certificate is cast to an integer; anything other
	// than 1 or 2 falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;
}
1919
// Page 21 handler: turn the CSR stored by the previous step (the temp file
// named in the session) into an `orgdomaincerts` request, link it to the
// matched organisation domains and wait for the result.
if($process != "" && $oldid == 21)
{
	$id = 21;

	// The temp file written by the previous step must still be there.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The weak-key check is repeated on the file contents, so this step does
	// not rely on the check made when the CSR was first submitted.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Load the organisation through the first matched CN entry if there is
	// one, otherwise through the first subjectAltName entry. Both queries
	// require the organisation to be linked to the logged-in member.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
`orginfo`.`id`='".$_SESSION['_config']['rowid']['0']."' and
`orginfo`.`id`=`org`.`orgid` and
`org`.`memid`='".$_SESSION['profile']['id']."'";
	} else {
		$query = "select * from `org`,`orginfo` where
`orginfo`.`id`='".$_SESSION['_config']['altid']['0']."' and
`orginfo`.`id`=`org`.`orgid` and
`org`.`memid`='".$_SESSION['profile']['id']."'";
	}
	$org = mysql_fetch_assoc(mysql_query($query));
	$csrsubject = "";

	// The subject is assembled from the session's OU and the organisation row.
	// NOTE(review): $org[...] values are read back from the database and go
	// into the insert below without being escaped again; the same applies to
	// the session 'rows'/'altrows' entries unless they were escaped where
	// they were set - confirm.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".$org['O'];
	if($org['L'])
		$csrsubject .= "/localityName=".$org['L'];
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".$org['ST'];
	if($org['C'])
		$csrsubject .= "/countryName=".$org['C'];
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";
	// Join all subjectAltName entries with commas.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		foreach($_SESSION['_config']['altrows'] as $subalt)
		{
			if($SAN != "")
				$SAN .= ",";
			$SAN .= "$subalt";
		}

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set when the request carries `ocspcert` and the
	// logged-in profile has the admin flag.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The two statements differ only in where `CN` comes from: the first
	// matched CN entry, or the first subjectAltName entry.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
`CN`='".$_SESSION['_config']['rows']['0']."',
`orgid`='".$org['id']."',
`created`=NOW(),
`subject`='$csrsubject',
`rootcert`='".$_SESSION['_config']['rootcert']."',
`type`='$type',
`description`='".$_SESSION['_config']['description']."'";
	} else {
		$query = "insert into `orgdomaincerts` set
`CN`='".$_SESSION['_config']['altrows']['0']."',
`orgid`='".$org['id']."',
`created`=NOW(),
`subject`='$csrsubject',
`rootcert`='".$_SESSION['_config']['rootcert']."',
`type`='$type',
`description`='".$_SESSION['_config']['description']."'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temp CSR to its final path (derived from the new row id), make
	// it world-readable (0644) and record the path on the row.
	// NOTE(review): the results of rename() and chmod() are not checked.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// Link the request to every matched domain id. Both loops reuse $id as
	// their loop variable; it is set to 23 again below on success.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty `crt_name` on the row is treated as success.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 23 for the new certificate.
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}
2045
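// Organisation server certificates (page 22): renew the selected certificates.
// For each selected id the existing `orgdomaincerts` row is copied into a new
// row, the stored CSR file and the domain links are copied, and
// waitForResult() is called for the new row before the result is printed.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` restricts the lookup to certificates of
			// organisations linked to the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from\n".
				"`orgdomaincerts`,`org`\n".
				"where `orgdomaincerts`.`id`='$id' and\n".
				"`orgdomaincerts`.`orgid`=`org`.`orgid` and\n".
				"`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the revocation
			// check below - confirm this is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				continue;
			}

			// Values read back from the database are plain text again (the
			// escaping applied when they were first stored is gone), so they
			// are escaped once more before being reused in a statement.
			$query = "insert into `orgdomaincerts` set\n".
				"`orgid`='".mysql_real_escape_string($row['orgid'])."',\n".
				"`CN`='".mysql_real_escape_string($row['CN'])."',\n".
				"`csr_name`='".mysql_real_escape_string($row['csr_name'])."',\n".
				"`created`='".mysql_real_escape_string($row['created'])."',\n".
				"`modified`=NOW(),\n".
				"`subject`='".mysql_real_escape_string($row['subject'])."',\n".
				"`type`='".mysql_real_escape_string($row['type'])."',\n".
				"`rootcert`='".mysql_real_escape_string($row['rootcert'])."',\n".
				"`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".$row['CN']."<br>\n";

			// Copy the domain links of the old certificate to the new one.
			// NOTE(review): the copy writes $r2['id'] into `orgdomid`, while
			// the handler that creates these links stores a domain id there;
			// $r2['orgdomid'] looks like the intended source - verify against
			// the `orgdomlink` schema before changing it.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);

			// A non-empty `crt_name` on the new row is treated as success.
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path goes onto a shell command line, so it is quoted as
				// a single argument instead of being interpolated bare.
				$crtpath = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtpath`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}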
2123
// Organisation server certificates (page 22): revoke the selected certificates
// and, when `delid` is submitted, delete still-pending requests. Every id is
// looked up through a join on `org`.`memid`, so only certificates of
// organisations linked to the logged-in member are touched.
if ($oldid == 22 && array_key_exists('revoke', $_REQUEST) && $_REQUEST['revoke'] != "") {
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));

	if (!is_array($_REQUEST['revokeid'])) {
		echo _("You did not select any certificates for revocation.");
	} else {
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach ($_REQUEST['revokeid'] as $id) {
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from\n"
				. "`orgdomaincerts`,`org`\n"
				. "where `orgdomaincerts`.`id`='$id' and\n"
				. "`orgdomaincerts`.`orgid`=`org`.`orgid` and\n"
				. "`org`.`memid`='" . $_SESSION['profile']['id'] . "'";
			$res = mysql_query($query);
			if (mysql_num_rows($res) > 0) {
				$row = mysql_fetch_assoc($res);
				if ($row['revoke'] > 0) {
					// A non-zero `revoked` timestamp means nothing is left to do.
					printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
				} else {
					// The row is only marked with this fixed timestamp here;
					// presumably another component performs the actual
					// revocation - verify.
					mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
					printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
				}
			} else {
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
		}
	}

	if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach ($_REQUEST['delid'] as $id) {
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from\n"
				. "`orgdomaincerts`,`org`\n"
				. "where `orgdomaincerts`.`id`='$id' and\n"
				. "`orgdomaincerts`.`orgid`=`org`.`orgid` and\n"
				. "`org`.`memid`='" . $_SESSION['profile']['id'] . "'";
			$res = mysql_query($query);
			if (mysql_num_rows($res) > 0) {
				$row = mysql_fetch_assoc($res);
				if ($row['expired'] > 0) {
					// A request with an expiry date is no longer pending.
					printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
				} else {
					mysql_query("delete from `orgdomaincerts` where `id`='$id'");
					// Best-effort removal of the files recorded on the row.
					@unlink($row['csr_name']);
					@unlink($row['crt_name']);
					printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
				}
			} else {
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
			}
		}
	}

	showfooter();
	exit;
}
2192
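// Organisation server certificates (page 22): store edited comments.
// Every request key of the form check_comment_<id> selects one certificate;
// the text is taken from the matching comment_<id> field.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// NOTE(review): the renew and revoke handlers for this page call
	// csrf_check('orgsrvcerchange'); this handler does not. Confirm the token
	// is submitted with the "change" action and add the same check.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));

			// The certificate id comes straight from a request key. Only
			// update rows that belong to an organisation linked to the
			// logged-in member, using the same join as the renew and revoke
			// handlers; without it any row id could be rewritten.
			$res = mysql_query("select `orgdomaincerts`.`id` from `orgdomaincerts`,`org` ".
				"where `orgdomaincerts`.`id`='$cid' and ".
				"`orgdomaincerts`.`orgid`=`org`.`orgid` and ".
				"`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $cid);
				continue;
			}

			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}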
2209
// Page 22 list filter: keep the submitted filter settings in the session.
// NOTE(review): the three values are copied from the request as-is, while the
// reset handler stores integers under the same keys - confirm every consumer
// casts or escapes them before use.
if ($oldid == 22 && array_key_exists('filter', $_REQUEST) && $_REQUEST['filter'] != "") {
	$id = 22;
	foreach (array('dorgfilterid', 'dsorting', 'dstatus') as $filterField) {
		$_SESSION['_config'][$filterField] = $_REQUEST[$filterField];
	}
	unset($filterField);
}
2217
// Page 22 list filter: put the three filter settings back to 0.
if ($oldid == 22 && array_key_exists('reset', $_REQUEST) && $_REQUEST['reset'] != "") {
	$id = 22;
	foreach (array('dorgfilterid', 'dsorting', 'dstatus') as $filterField) {
		$_SESSION['_config'][$filterField] = 0;
	}
	unset($filterField);
}
2225
2226
// Access gate for pages 24 to 31: when either the requested page or the page
// the request came from is in that range, the session profile must carry
// orgadmin == 1, otherwise the request ends here.
if ((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2237
// Page 24 handler: create a new organisation record from the submitted form.
// The six form fields are stored in the session already SQL-escaped and are
// then interpolated into the insert statement.
// NOTE(review): the page 27 handler, which updates the same table, calls
// csrf_check('orgdetchange'); this handler has no CSRF check - confirm whether
// one is needed here.
if ($oldid == 24 && $process != "") {
	$id = intval($oldid);
	foreach (array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field) {
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}
	unset($field);

	if ($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "") {
		mysql_query("insert into `orginfo` set `O`='" . $_SESSION['_config']['O'] . "',\n"
			. "`contact`='" . $_SESSION['_config']['contact'] . "',\n"
			. "`L`='" . $_SESSION['_config']['L'] . "',\n"
			. "`ST`='" . $_SESSION['_config']['ST'] . "',\n"
			. "`C`='" . $_SESSION['_config']['C'] . "',\n"
			. "`comments`='" . $_SESSION['_config']['comments'] . "'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		// Name and contact are mandatory; the message is left in the session
		// and processing continues with $id still set to this page.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2264
// Page 27 handler: update an existing organisation record from the submitted
// form. The six form fields are stored in the session already SQL-escaped and
// are then interpolated into the update statement.
if ($oldid == 27 && $process != "") {
	csrf_check('orgdetchange');
	$id = intval($oldid);
	foreach (array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field) {
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}
	unset($field);

	if ($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "") {
		// NOTE(review): the row is selected by the session's `orgid`, used
		// here without a cast, whereas the page 28 insert wraps the same
		// value in intval() - confirm where it is set and cast it here too.
		mysql_query("update `orginfo` set `O`='" . $_SESSION['_config']['O'] . "',\n"
			. "`contact`='" . $_SESSION['_config']['contact'] . "',\n"
			. "`L`='" . $_SESSION['_config']['L'] . "',\n"
			. "`ST`='" . $_SESSION['_config']['ST'] . "',\n"
			. "`C`='" . $_SESSION['_config']['C'] . "',\n"
			. "`comments`='" . $_SESSION['_config']['comments'] . "'\n"
			. "where `id`='" . $_SESSION['_config']['orgid'] . "'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		// Name and contact are mandatory; the message is left in the session
		// and processing continues with $id still set to this page.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2293
// Page 28, first step: take the submitted domain name and refuse it when it
// is already present in `orgdomains`. $domain stays set for the code that
// follows this block.
if ($oldid == 28 && $process != "" && array_key_exists("domainname", $_REQUEST)) {
	// The value is SQL-escaped once and kept both in the session and in $domain.
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$domainTaken = mysql_num_rows($res1) > 0;
	if ($domainTaken) {
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		// Stay on this page and clear $oldid so the later page 28 steps are skipped.
		$id = $oldid;
		$oldid = 0;
	}
	unset($domainTaken);
}
2305
// Page 28 without an organisation id in the session: continue with page 25
// and clear $oldid.
if ($oldid == 28) {
	if ($_SESSION['_config']['orgid'] <= 0) {
		$id = 25;
		$oldid = 0;
	}
}
2311
2312 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2313 {
2314 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2315 showheader(_("My CAcert.org Account!"));
2316 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2317 echo "<br><br><a href='account.php?id=26&orgid="